--- a/jdk/make/common/shared/Defs-windows.gmk Fri Aug 20 08:18:54 2010 -0700
+++ b/jdk/make/common/shared/Defs-windows.gmk Fri Aug 20 08:49:48 2010 -0700
@@ -89,7 +89,7 @@
$(shell $(CYGPATH_CMD) $1 2> $(DEV_NULL))
endef
define OptFullPath
-$(shell if [ "$1" != "" -a -d "$1" ]; then $(CYGPATH_CMD) "$1"; else echo "$1"; fi)
+$(shell if [ "$1" != "" -a -d "$1" ]; then $(CYGPATH_CMD) "$1" 2> $(DEV_NULL); else echo "$1"; fi)
endef
else
# Temporary until we upgrade to MKS 8.7, MKS pwd returns mixed mode path
--- a/jdk/make/common/shared/Defs.gmk Fri Aug 20 08:18:54 2010 -0700
+++ b/jdk/make/common/shared/Defs.gmk Fri Aug 20 08:49:48 2010 -0700
@@ -136,15 +136,20 @@
$(shell echo $1 | sed -e 's@[^0-9]*\([0-9][0-9]*\.[0-9][.0-9]*\).*@\1@' )
endef
+# Return one part of the version numbers, watch out for non digits.
+define VersionWord # Number Version
+$(word $1,$(subst ., ,$(subst -, ,$2)))
+endef
+
# Given a major.minor.micro version, return the major, minor, or micro number
define MajorVersion
-$(if $(word 1, $(subst ., ,$1)),$(word 1, $(subst ., ,$1)),0)
+$(if $(call VersionWord,1,$1),$(call VersionWord,1,$1),0)
endef
define MinorVersion
-$(if $(word 2, $(subst ., ,$1)),$(word 2, $(subst ., ,$1)),0)
+$(if $(call VersionWord,2,$1),$(call VersionWord,2,$1),0)
endef
define MicroVersion
-$(if $(word 3, $(subst ., ,$1)),$(word 3, $(subst ., ,$1)),0)
+$(if $(call VersionWord,3,$1),$(call VersionWord,3,$1),0)
endef
# Macro that returns missing, same, newer, or older $1=version $2=required
--- a/jdk/src/share/classes/com/sun/jndi/ldap/Connection.java Fri Aug 20 08:18:54 2010 -0700
+++ b/jdk/src/share/classes/com/sun/jndi/ldap/Connection.java Fri Aug 20 08:49:48 2010 -0700
@@ -813,7 +813,8 @@
try {
while (true) {
try {
- inbuf = new byte[10];
+ // type and length (at most 128 octets for long form)
+ inbuf = new byte[129];
offset = 0;
seqlen = 0;
--- a/jdk/src/share/lib/security/java.security-solaris Fri Aug 20 08:18:54 2010 -0700
+++ b/jdk/src/share/lib/security/java.security-solaris Fri Aug 20 08:49:48 2010 -0700
@@ -260,3 +260,30 @@
# Example,
# ocsp.responderCertSerialNumber=2A:FF:00
+#
+# Policy for failed Kerberos KDC lookups:
+#
+# When a KDC is unavailable (network error, service failure, etc), it is
+# put inside a blacklist and accessed less often for future requests. The
+# value (case-insensitive) for this policy can be:
+#
+# tryLast
+# KDCs in the blacklist are always tried after those not on the list.
+#
+# tryLess[:max_retries,timeout]
+# KDCs in the blacklist are still tried by their order in the configuration,
+# but with smaller max_retries and timeout values. max_retries and timeout
+# are optional numerical parameters (default 1 and 5000, which means once
+# and 5 seconds). Please notes that if any of the values defined here is
+# more than what is defined in krb5.conf, it will be ignored.
+#
+# Whenever a KDC is detected as available, it is removed from the blacklist.
+# The blacklist is reset when krb5.conf is reloaded. You can add
+# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is
+# reloaded whenever a JAAS authentication is attempted.
+#
+# Example,
+# krb5.kdc.bad.policy = tryLast
+# krb5.kdc.bad.policy = tryLess:2,2000
+krb5.kdc.bad.policy = tryLast
+
--- a/jdk/src/share/lib/security/java.security-windows Fri Aug 20 08:18:54 2010 -0700
+++ b/jdk/src/share/lib/security/java.security-windows Fri Aug 20 08:49:48 2010 -0700
@@ -260,3 +260,30 @@
# Example,
# ocsp.responderCertSerialNumber=2A:FF:00
+#
+# Policy for failed Kerberos KDC lookups:
+#
+# When a KDC is unavailable (network error, service failure, etc), it is
+# put inside a blacklist and accessed less often for future requests. The
+# value (case-insensitive) for this policy can be:
+#
+# tryLast
+# KDCs in the blacklist are always tried after those not on the list.
+#
+# tryLess[:max_retries,timeout]
+# KDCs in the blacklist are still tried by their order in the configuration,
+# but with smaller max_retries and timeout values. max_retries and timeout
+# are optional numerical parameters (default 1 and 5000, which means once
+# and 5 seconds). Please notes that if any of the values defined here is
+# more than what is defined in krb5.conf, it will be ignored.
+#
+# Whenever a KDC is detected as available, it is removed from the blacklist.
+# The blacklist is reset when krb5.conf is reloaded. You can add
+# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is
+# reloaded whenever a JAAS authentication is attempted.
+#
+# Example,
+# krb5.kdc.bad.policy = tryLast
+# krb5.kdc.bad.policy = tryLess:2,2000
+krb5.kdc.bad.policy = tryLast
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/krb5/BadKdcDefaultValue.java Fri Aug 20 08:49:48 2010 -0700
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+/*
+ * @test
+ * @bug 6976536
+ * @summary Solaris JREs do not have the krb5.kdc.bad.policy configured by default.
+ * @run main/othervm BadKdcDefaultValue
+ */
+
+import java.security.Security;
+
+public class BadKdcDefaultValue {
+ public static void main(String[] args) throws Exception {
+ if (!"tryLast".equalsIgnoreCase(
+ Security.getProperty("krb5.kdc.bad.policy"))) {
+ throw new Exception("Default value not correct");
+ }
+ }
+}
+